Create Azure users and groups in Microsoft Entra ID

Question 1

In Microsoft Entra ID

Answer 1

all user accounts are granted a set of default permissions. A user’s account access consists of the user type, their role assignments, and their ownership of individual objects.

There are different types of user accounts in Microsoft Entra ID. Each type has a level of access specific to the scope of work expected to be done under each type of user account. Administrators have the highest level of access, followed by the member user accounts in the Microsoft Entra organization. Guest users have the most restricted level of access.

Question 2

Microsoft Entra roles

Answer 2

Use Microsoft Entra roles to manage Microsoft Entra ID-related resources like users, groups, billing, licensing, application registration, and more.

Question 3

Role-based access control (RBAC) for Azure resources

Answer 3

Use RBAC roles to manage access to Azure resources like virtual machines, SQL databases, or storage. For example, you could assign an RBAC role to a user to manage and delete SQL databases in a specific resource group or subscription.

Question 4

assign access rights Direct assignment

Answer 4

Assign a user the required access rights by directly assigning a role that has those access rights.

Question 5

assign access rights Group assignment:

Answer 5

Assign a group the required access rights, and the group members will inherit those rights.

Question 6

assign access rights Rule-based assignment

Answer 6

Use rules to determine a group membership based on user or device properties. For a user account or device’s group membership to be valid, the user or device must meet the rules. If the rules aren’t met, the user account or device’s group membership is no longer valid. The rules can be simple. You can select prewritten rules or write your own advanced rules.